https://www.bleepingcomputer.com/news/security/security-advisory-accidentally-exposes-vulnerable-systems/

A security advisory for a vulnerability (CVE) published by MITRE has accidentally been exposing links to remote admin consoles of over a dozen vulnerable IP devices since at least April 2022.

BleepingComputer became aware of this issue yesterday after getting tipped off by a reader who prefers to remain anonymous. The reader was baffled on seeing several links to vulnerable systems listed within the "references" section of the CVE advisory.